[PATCH] event: Checking for NULL before dereferencing the pointer.

Hardening rdp.effort at gmail.com
Fri May 9 05:50:19 PDT 2014


On 09/05/2014 12:20, Pekka Paalanen wrote:
> On Fri, 09 May 2014 15:21:51 +0530
> Srivardhan <sri.hebbar at samsung.com> wrote:
>
>>
>>
>>> -----Original Message-----
>>> From: Pekka Paalanen [mailto:ppaalanen at gmail.com]
>>> Sent: Friday, May 09, 2014 3:09 PM
>>> To: Srivardhan
>>> Cc: 'Hardening'; wayland-devel at lists.freedesktop.org
>>> Subject: Re: [PATCH] event: Checking for NULL before dereferencing the
>>> pointer.
>>>
>>> On Fri, 09 May 2014 14:56:14 +0530
>>> Srivardhan <sri.hebbar at samsung.com> wrote:
>>>

[...]

>
> Checking is one thing, silently hiding bugs is another thing.
>
> If NULL is a legal input, then of course it needs to be checked.
>
> If NULL can happen, but is a runtime error, the program needs to be
> vocal about it, e.g. relay the error back to the caller.
>
> If API specification says NULL is not a valid input, putting an
> assert() would be fine, since violating that is a programmer error in
> the caller.
>
> I think wl_event_source_remove() falls into the last category. All
> functions in wayland-util.h belong to this category, too.
>

IMHO wl_event_source_remove() should take a wl_event_source ** as a
parameter and set the event_source pointer to NULL (preventing anyone
from using it). Using Eclipse's call hierarchy, I've seen many places where
this extra precaution is not taken.
I don't know if wl_event_source_remove() can be considered part of
the libwayland API and so fixed in stone?

Regards.

-- 
David FORT
website: http://www.hardening-consulting.com/
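
The three NULL-handling cases and the double-pointer remove discussed in this thread, as an added example that is not part of the original messages and is not libwayland code. The `ev_source` type, every function name, and the choice to return `-EINVAL` on a second remove are assumptions made for illustration.

```c
/* Added example: hypothetical ev_source API, not libwayland code. */
#include <assert.h>
#include <errno.h>
#include <stdlib.h>

struct ev_source { int fd; };

/* NULL can happen at run time (allocation failure): tell the caller. */
int ev_source_create(int fd, struct ev_source **out)
{
    assert(out != NULL);            /* caller bug if violated */
    *out = calloc(1, sizeof **out);
    if (*out == NULL)
        return -ENOMEM;
    (*out)->fd = fd;
    return 0;
}

/* NULL is a documented, legal input: checked, and not an error. */
int ev_source_fd_or(const struct ev_source *src, int fallback)
{
    return src != NULL ? src->fd : fallback;
}

/* The contract forbids NULL: assert, since it is a programmer error.
 * Note that assert() is compiled out when NDEBUG is defined. */
int ev_source_fd(const struct ev_source *src)
{
    assert(src != NULL);
    return src->fd;
}

/* Double-pointer remove: frees the source and clears the caller's
 * pointer. A second remove is reported, not silently ignored. */
int ev_source_remove(struct ev_source **psrc)
{
    assert(psrc != NULL);
    if (*psrc == NULL)
        return -EINVAL;
    free(*psrc);
    *psrc = NULL;
    return 0;
}

int main(void)
{
    struct ev_source *s = NULL;
    if (ev_source_create(3, &s) != 0)
        return 1;
    return (ev_source_remove(&s) == 0 && s == NULL) ? 0 : 1;
}
```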

